diff --git a/gatsby-config.js b/gatsby-config.js
index d47e67ab..25647780 100644
--- a/gatsby-config.js
+++ b/gatsby-config.js
@@ -80,16 +80,16 @@ module.exports = {
title: "Services",
pages: [
{
- path: "guides/services/services-add-api-jwt.md",
- title: "Add API using Service Account (JWT)"
+ path: "guides/services/services-add-api-oauth-s2s.md",
+ title: "Add API using OAuth Server-to-Server credential"
},
{
path: "guides/services/services-add-api-key.md",
- title: "Add API using API Key"
+ title: "Add API using API Key credential"
},
{
path: "guides/services/services-add-api-oauth.md",
- title: "Add API using Oauth"
+ title: "Add API using OAuth User authentication credential"
},
{
path: "guides/services/services-add-event.md",
diff --git a/src/pages/guides/credentials.md b/src/pages/guides/credentials.md
index 0f70a484..dc5c276a 100644
--- a/src/pages/guides/credentials.md
+++ b/src/pages/guides/credentials.md
@@ -10,35 +10,39 @@ To view credentials for events, select the specific event registration from the
## Credential details
-You can select a specific API from the left navigation to view its details or you can select a credential type under *Credentials* in the left navigation in order to view the *Credential details* and perform other actions (generate JWT tokens, copy credential details, retrieve client secrets, etc.) as needed.
+You can select a specific API from the left navigation to view its details or you can select a credential type under *Credentials* in the left navigation in order to view the *Credential details* and perform other actions (generate access tokens, copy credential details, retrieve client secrets, etc.) as needed.
If multiple services have been added to the project or workspace using the same credentials, they will each be listed under the *Connected products and services* on the right-hand side of the details tab.
-For example, selecting **Service Account (JWT)** under *Credentials* will open the *Credential details* for all products and services connected using JWT.
+For example, selecting **OAuth Server-to-Server** under *Credentials* will open the *Credential details* for all products and services connected using this credential.
-## Generate JWT
+## Generate Access token
-If you selected **Service Account (JWT)** under *Credentials* you will be presented with the *Credential details* for all products and services connected using JWT.
+If you selected **OAuth Server-to-Server** under *Credentials* you will be presented with the *Credential details* for all products and services connected using this credential.
-You can also select **Generate JWT** in order to view a sample *JWT Payload* or *Generate custom JWT* by copying and pasting your private key into the available field and choosing **Generate Token**.
+To generate a token, click on the button "Generate access token"
-
+
-If successful, the *Generated JWT* will be visible as well as a *Sample cURL command*. You can select *Clear generated JWT* in order to clear the screen and generate a new token.
+You can also view the cURL command you could use to generate access tokens programmatically.
-
+
-## OAuth
+You can also view the scopes per service to generate an access token that only works for a subset of services in your project.
-By selecting **OAuth** under *Credentials*, you will be shown all products and services connected to your project using OAuth 2.0 authenication and authorization.
+
+
+## OAuth User authentication
+
+By selecting an OAuth User authentication credential under *Credentials*, you will be shown all products and services connected to your project using OAuth 2.0 authenication and authorization.
From here, you can view and copy the *Client ID*, retrieve the client secret, and view the *Platform* type as well as the *Redirect URL*.
Within the *Credential details* screen you can also choose to download the OAuth JSON file, edit the credential, or delete the credential using the buttons provided in the top-right corner of the screen.
-
+
## API key
diff --git a/src/pages/guides/email-alerts/cert-expiry.md b/src/pages/guides/email-alerts/cert-expiry.md
index 482a7b83..c401f2fb 100644
--- a/src/pages/guides/email-alerts/cert-expiry.md
+++ b/src/pages/guides/email-alerts/cert-expiry.md
@@ -12,6 +12,10 @@ The certificate key pairs generated on the Developer Console expire after a year
Upon receiving the email alert, you need to replace the expiring certificate key pair with a new pair in a timely fashion to ensure all your custom integrations and applications continue to work. See this step-by-step guide on replacing certificate key pairs for more detailed instructions.
+
+
+Service Account (JWT) credentials have been deprecated in favor of the OAuth Server-to-Server credentials. Your applications using the Service Account (JWT) credentials will stop working after Jan 27, 2025. **You must migrate to the new credential by Jan 27, 2025 in order to ensure your application continues to function. View our [migration guide](../ServerToServerAuthentication/migration.md) to know more.**
+
## A step-by-step guide to replacing expiring certificate key pairs
### Step 1: Identify application and Project maintainers
diff --git a/src/pages/guides/services/index.md b/src/pages/guides/services/index.md
index c8a3d7f7..637184b6 100644
--- a/src/pages/guides/services/index.md
+++ b/src/pages/guides/services/index.md
@@ -24,10 +24,14 @@ Access to some APIs is based on licenses. Meaning either the licenses your compa
APIs can be connected to your app in multiple ways, depending on the API or the type of app that you are building. Occasionally APIs will provide multiple connection options, allowing you to choose the type of connection that works best for your application. To learn more about each of these authentication methods or API connections, read the [authentication documentation](../authentication/index.md).
-* [Add an API using Service Account (JWT) authentication](services-add-api-jwt.md)
-* [Add an API using OAuth authentication](services-add-api-oauth.md)
+* [Add an API using OAuth Server-to-Server credential](services-add-api-oauth-s2s.md)
+* [Add an API using OAuth User authentication credential](services-add-api-oauth-user-authentication.md)
* [Add an API using API Key authentication](services-add-api-key.md)
+
+
+See our [authentication guide](../authentication/index.md) to learn about the available credential types.
+
### Add Event
Adobe I/O Events allow you to receive notifications of real-time events taking place in Adobe services. To add this service to your project you must register a webhook, to which Adobe I/O Events sends HTTP POST requests containing the details of each event. Using Events, you can build event-driven applications that integrate with Adobe. To learn more about Adobe I/O Events, read the [Events documentation](https://www.adobe.com/go/devs_events).
@@ -52,7 +56,7 @@ Occasionally you may need to remove a service once it has been added to your pro
Once you have successfully added APIs to your project or workspace, you can return to the **Project overview** (or **Workspace overview** in a templated project) at any time to view the details for that API and any other project services you may have added. You can select the specific API from the left navigation to view its details or remove the API using the **Remove API** button in the top-right corner.
-You can also select the specific credential type from the left navigation to view the **Credential details** and perform other actions (generate JWT tokens, copy credential details, retrieve client secrets, etc.) as needed. For more information on accessing credentials, please read the [credentials overview](../credentials.md).
+You can also select the specific credential type from the left navigation to view the **Credential details** and perform other actions (generate access tokens, copy credential details, retrieve client secrets, etc.) as needed. For more information on accessing credentials, please read the [credentials overview](../credentials.md).
To view credentials for events, select the specific event registration from the left navigation and select the **Credentials** tab. For more information on working with events, including viewing event credentials, follow the guide for [adding Events to your project or workspace](services-add-event.md).
diff --git a/src/pages/guides/services/services-add-api-jwt.md b/src/pages/guides/services/services-add-api-jwt.md
index fa32c04c..53aeb688 100644
--- a/src/pages/guides/services/services-add-api-jwt.md
+++ b/src/pages/guides/services/services-add-api-jwt.md
@@ -1,115 +1,5 @@
# Add API to project using Service Account (JWT)
-Adding an API to an empty project is the same whether you are working in a personal or enterprise project. Adding an API to a templated project is similar, with one small variation: APIs are added to individual workspaces, not to the project as a whole.
-
-To begin adding an API from within a templated project, first select the appropriate workspace to open the *Workspace overview*. Then, select **+ Add Service** in the left navigation and choose **API** from the dropdown.
-
-In an empty project, select **+Add to Project** in the left navigation of the *Project overview* and then choose **API**, or select **Add API** from the quick start buttons.
-
-
-
-## Add an API
-
-Using REST APIs allows your application to make calls to Adobe services and products. The *Add an API* dialog shows a list of available services with the default *View by* setting to show only those services available to you.
-
-
-
-Many services are only available through paid licenses or subscriptions. Licenses and subscriptions can refer to either your organization or your personal licenses if you are building a personal project. For this reason, if you select "All" from the *View by* dropdown, you may notice that several services appear greyed out in the list. If you believe that you should have access to one of these disabled services, please speak with your system administrator or Adobe sales representative.
-
-
-
-Once you have found and chosen an API that you would like to add, select **Next** to begin configuring the API.
-
-
-
-## Configure API
-
-A service account (JWT) integration lets your application call Adobe services on its own behalf, or on the behalf of an enterprise organization. For this type of integration, a JSON Web Token (JWT) must be created that includes your credentials. You will then begin each session by exchanging the JWT for an access token. For more information, please read the [JWT Authentication documentation](../authentication/JWT/index.md).
-
-### Create a new service account (JWT) credential
-
-There are two options for creating the necessary credentials:
-
-1. **Generate a key pair:** Adobe Developer Console generates a public/private key pair for you. This private key is not stored within Console, but it is automatically downloaded to your device.
-
- In order to proceed with generating a key pair, choose Option 1 and then select **Generate keypair**.
-
-2. **Upload your public key:** Create your own public/private key pair through terminal and upload your public key. To learn more, see the documentation on [creating a private key and public certificate](../authentication/JWT/JWTCertificate.md).
-
- To upload your own public key, drag and drop a file from your computer or use *Select a File* to choose the file that you would like to use. Then select **Next** to proceed.
-
-
-
-If you select Option 1 to **Generate a key pair**, immediately upon selecting the **Generate keypair** button, a file is downloaded to your computer containing your private key, as well as all of your app settings.
-
-If you select Option 2, you will be required to drag and drop or select your public certificate from your computer.
-
-Adobe does not record your private key, therefore you must make sure to securely store it. This includes downloaded private key files from Console or files generated elsewhere.
-
-The public key is now visible, including an option to download the key, upload another public key, or generate another key pair.
-
-If the selected API configuration is complete, a **Save configured API** button appears in the bottom right corner of the dialog. Selecting **Save configured API** will complete the configuration for the API. You can now proceed to the [API overview](#api-overview) section later in this guide.
-
-Otherwise, please proceed to the next section on [selecting product profiles](#select-product-profiles).
-
-
-
-## Select product profiles
-
-If necessary, you will continue configuring the API by choosing from a list of available product profiles. Your integration's service account will gain access to granular features of the Adobe product based on the product profiles that you select.
-
-As product profiles are selected, they appear in the left navigation under *Product Profiles*. Once you have selected at least one profile, the **Save configured API** button will become available.
-
-Continue selecting all required product profiles and, once complete, select **Save configured API** to complete the configuration.
-
-
-
-## API overview
-
-With the API configured, you are redirected to the API overview, providing links to documentation, the ability to download files in order to experiment with the API using Postman, and a dialog allowing you to generate an access token by providing your private key.
-
-You can also elect to remove the API on this screen using the **Remove API** button or, if the API includes product profiles, edit the profiles selected during configuration.
-
-
-
-## Quota usage
-
-Select APIs specify a quota, or fixed allowance, for usage. Often this is tied to trial programs that provide free credentials in order to test out a service. These trials provide a quota that is generous enough to get you up and running. Quota may also be tied to a specific agreement, outlining the amount of quota available and timelines for its use.
-
-For APIs that provide a quota, a *Quota usage* section will appear at the top of the API overview when the API is selected in the left navigation.
-
-For more information on quota usage, please visit the [quota usage overview](../quota.md).
-
-
-
-## Generate token
-
-To generate a token, copy and paste your private key into the *Private key* field and select **Generate token**.
-
-
-
-If the private key is correct, an access token will appear along with the ability to **Copy** the token for use.
-
-
-
-## Credentials
-
-Now that you have added an API, you can return to the *Project overview* (or *Workspace overview* in a templated project) at any time to view the details for that API and any other project services you may have added.
-
-You can select the specific API from the left navigation to view its details or remove the API using the **Remove API** button in the top-right corner.
-
-You can also select the specific credential type from under *Credentials* in the left navigation to view the *Credential details* and perform other actions (generate JWT tokens, copy credential details, retrieve client secrets, etc.) as needed. For more information on accessing credentials, please read the [credentials overview](../credentials.md).
-
-## Insights
-
-Adobe Developer Console automatically generates valuable insights related to API usage for each enterprise project (or individual workspace when working in a templated project), as well as for each personal project, including XD Plugins.
-
-To learn more about insights, begin by reading the [insights overview](../insights.md).
-
-## Next steps
-
-With an API successfully added, you can follow the same workflow steps to add additional APIs, or return to the [services overview](../services/index.md) to select another type of service to add to your project.
-
-If you have completed development on your project and are ready to submit your application for approval, please read the [project approval guide](../projects/approval.md) to get started.
\ No newline at end of file
+Service Account (JWT) credentials have been deprecated in favor of the OAuth Server-to-Server credentials. View our [migration guide](../ServerToServerAuthentication/migration.md) to know more. The new version of this guide that uses OAuth Server-to-Server credentials is now available here - [**Add API to project using OAuth Server-to-Server credentials**](../services/services-add-api-oauth-s2s.md).
\ No newline at end of file
diff --git a/src/pages/guides/services/services-add-api-oauth-s2s.md b/src/pages/guides/services/services-add-api-oauth-s2s.md
new file mode 100644
index 00000000..065c85fb
--- /dev/null
+++ b/src/pages/guides/services/services-add-api-oauth-s2s.md
@@ -0,0 +1,104 @@
+# Add API to project using OAuth Server-to-Server credential
+
+Adding an API to an empty project is the same whether you are working in a personal or enterprise project. Adding an API to a templated project is similar, with one small variation: APIs are added to individual workspaces, not to the project as a whole.
+
+To begin adding an API from within a templated project, first select the appropriate workspace to open the *Workspace overview*. Then, select **+ Add Service** in the left navigation and choose **API** from the dropdown.
+
+In an empty project, select **+Add to Project** in the left navigation of the *Project overview* and then choose **API**, or select **Add API** from the quick start buttons.
+
+
+
+## Add an API
+
+Using REST APIs allows your application to make calls to Adobe services and products. The *Add an API* dialog shows a list of available services with the default *View by* setting to show only those services available to you.
+
+
+
+Many services are only available through paid licenses or subscriptions. Licenses and subscriptions can refer to either your organization or your personal licenses if you are building a personal project. For this reason, if you select "All" from the *View by* dropdown, you may notice that several services appear greyed out in the list. If you believe that you should have access to one of these disabled services, please speak with your system administrator or Adobe sales representative.
+
+
+
+Once you have found and chosen an API that you would like to add, select **Next** to begin configuring the API.
+
+
+
+## Configure API
+
+An OAuth Server-to-Server integration lets your application call Adobe services on its own behalf, or on the behalf of an enterprise organization. Learn more on Server to Server authentication [here](../authentication/ServerToServerAuthentication/index.md).
+
+For this type of integration, your application can create an access token can be created by making a simple API call to Adobe IMS (see [implementation guide](../authentication/ServerToServerAuthentication/implementation.md)).
+
+
+### Create a new OAuth Server-to-Server credential
+
+
+
+OAuth Server-to-server credentials allow you to assign a credential name to them. This name appears in the Admin Console > Users > API Credentials. Choose a name for easy identification.
+
+## Select product profiles
+
+If necessary, you will continue configuring the API by choosing from a list of available product profiles. Your integration's service account will gain access to granular features of the Adobe product based on the product profiles that you select.
+
+As product profiles are selected, they appear in the left navigation under *Product Profiles*. Once you have selected at least one profile, the **Save configured API** button will become available.
+
+Continue selecting all required product profiles and, once complete, select **Save configured API** to complete the configuration.
+
+
+
+## API overview
+
+With the API configured, you are redirected to the API overview, providing links to documentation, the ability to download files in order to experiment with the API using Postman, and a dialog allowing you to generate an access token by providing your private key.
+
+You can also elect to remove the API on this screen using the **Remove API** button or, if the API includes product profiles, edit the profiles selected during configuration.
+
+
+
+You can click on generate access token button and it will lead you to the credential overview page. This page shows you all details about the credential you just created, including when this credential was last used to generate an access token. Furthermore it gives you an easy way to generate access tokens, view the cURL command you can use to generate access tokens programmatically, and view scopes per service.
+
+
+
+
+
+## Quota usage
+
+Select APIs specify a quota, or fixed allowance, for usage. Often this is tied to trial programs that provide free credentials in order to test out a service. These trials provide a quota that is generous enough to get you up and running. Quota may also be tied to a specific agreement, outlining the amount of quota available and timelines for its use.
+
+For APIs that provide a quota, a *Quota usage* section will appear at the top of the API overview when the API is selected in the left navigation.
+
+For more information on quota usage, please visit the [quota usage overview](../quota.md).
+
+
+
+## Generate token
+
+To generate a token, click on the button "Generate access token"
+
+
+
+You can also view the cURL command you could use to generate access tokens programmatically.
+
+
+
+You can also view the scopes per service to generate an access token that only works for a subset of services in your project.
+
+
+
+## Credentials
+
+Now that you have added an API, you can return to the *Project overview* (or *Workspace overview* in a templated project) at any time to view the details for that API and any other project services you may have added.
+
+You can select the specific API from the left navigation to view its details or remove the API using the **Remove API** button in the top-right corner.
+
+You can also select the specific credential type from under *Credentials* in the left navigation to view the *Credential details* and perform other actions (generate access tokens, copy credential details, retrieve client secrets, etc.) as needed. For more information on accessing credentials, please read the [credentials overview](../credentials.md).
+
+## Insights
+
+Adobe Developer Console automatically generates valuable insights related to API usage for each enterprise project (or individual workspace when working in a templated project), as well as for each personal project, including XD Plugins.
+
+To learn more about insights, begin by reading the [insights overview](../insights.md).
+
+## Next steps
+
+With an API successfully added, you can follow the same workflow steps to add additional APIs, or return to the [services overview](../services/index.md) to select another type of service to add to your project.
+
+If you have completed development on your project and are ready to submit your application for approval, please read the [project approval guide](../projects/approval.md) to get started.
\ No newline at end of file
diff --git a/src/pages/guides/services/services-add-api-oauth-user-authentication.md b/src/pages/guides/services/services-add-api-oauth-user-authentication.md
new file mode 100644
index 00000000..42ec2d7e
--- /dev/null
+++ b/src/pages/guides/services/services-add-api-oauth-user-authentication.md
@@ -0,0 +1,137 @@
+# Add API to project using OAuth User authentication credentials
+
+Adding an API to an empty project is the same whether you are working in a personal or enterprise project. Adding an API to a templated project is similar, with one small variation: APIs are added to individual workspaces, not to the project as a whole.
+
+To begin adding an API from within a templated project, first, select the appropriate workspace to open the *Workspace overview*. Then, select **+ Add Service** in the left navigation and choose **API** from the dropdown.
+
+In an empty project, select **+Add to Project** in the left navigation of the *Project overview* and then choose **API**, or select **Add API** from the quick start buttons.
+
+
+
+## Add an API
+
+Using REST APIs allows your application to make calls to Adobe services and products. The *Add an API* dialog shows a list of available services with the default *View by* setting to show only those services available to you.
+
+
+
+Many services are only available through paid licenses or subscriptions. Licenses and subscriptions can refer to either your organization or your personal licenses if you are building a personal project. For this reason, if you select "All" from the *View by* dropdown, you may notice that several services appear greyed out in the list. If you believe that you should have access to one of these disabled services, please speak with your system administrator or Adobe sales representative.
+
+Once you have found and chosen an API that you would like to add, select **Next** to begin configuring the API.
+
+
+
+## Configure API
+
+OAuth User authentication credentials allows your end-users to sign in to your integration with an Adobe ID and your integration to receive an access token. With the access token, your integration will be able to call Adobe APIs and access content on behalf of the logged-in user. For more information, read the [OAuth User authentication credentials guide](../authentication/UserAuthentication/index.md).
+
+To configure an API using OAuth 2.0 User authentication, you must first select the platforms where you want to use this integration: Web App, Single Page App, or Native App.
+
+
+
+Depending on the selected API, some of the platforms may not be available to be used with that API. Select the platform that best suits your application use case if more than one platform is available.
+
+
+
+Depending on the platform(s) you select, you may be required to provide additional configuration information:
+
+### Web App
+
+The Web App platform is best suited for applications that have a backend server. The OAuth User authentication Web App credential requires the application to securely store a client secret on the backend server. The application can then fetch tokens using the client secret on the backend server, and therefore, not risk exposing the client secret or the tokens through the frontend application.
+
+When setting up an OAuth User authentication Web App credential, you are required to provide:
+1. [A Default Redirect URI](#oauth-20-default-redirect-uri)
+2. [A Redirect URI pattern](#oauth-20-redirect-uri-pattern)
+
+
+
+In OAuth 2.0 standard terminology, an OAuth User authentication Web App credential is a *confidential* client with an HTTPS redirect.
+
+### Single Page App
+
+The Single Page App platform is best suited for JavaScript-based applications that run in the browser and either do not have a backend server or want to fetch tokens on the frontend. OAuth User authentication Single Page Apps credential does not require the application to store a client secret, and therefore, the application must utilize the [OAuth 2.0 PKCE flow](https://oauth.net/2/pkce/) to obtain tokens securely.
+
+
+When setting up an OAuth User authentication Single Page App credential, you are required to provide:
+1. [A Default Redirect URI](#oauth-20-default-redirect-uri)
+2. [A Redirect URI pattern](#oauth-20-redirect-uri-pattern)
+
+
+
+In OAuth 2.0 standard terminology, an OAuth User authentication Single Page App credential is a *public* client with an HTTPS redirect.
+
+
+### Native App
+
+The Native App platform is best suited for applications that run natively on a device (Android, iOS, Windows, Mac, and others) and either do not have a backend server or want to fetch tokens on the frontend. OAuth User authentication Native Apps credential does not require the application to store a client secret, and therefore, the application must utilize the [OAuth 2.0 PKCE flow](https://oauth.net/2/pkce/) to obtain tokens securely.
+
+
+
+In OAuth 2.0 standard terminology, an OAuth User authentication Native App credential is a *public* client with a non-HTTPS redirect.
+
+### OAuth 2.0 Default Redirect URI
+
+A *Default redirect URI* is the URL of the page or script (usually at the root of your web app) that Adobe will access during the authentication process. It can contain a maximum of 256 characters and cannot be a regular expression.
+
+
+
+The *Default redirect URI* MUST be hosted on a secure server (HTTPS), even if it is only a localhost instance. For example, **https://redirect.com/uri/etc**.
+
+### OAuth 2.0 Redirect URI pattern
+
+When creating a new authorize request, the OAuth 2.0 framework allows your application to request a different redirect URI than the default Redirect URI. However, any requested redirect URI must match against the *Redirect URI pattern* you supply. The authorize request can be successfully completed only if the requested Redirect URI passes regex matching,
+
+A *Redirect URI pattern* is a URI path (or comma-separated list of paths) to which Adobe can redirect (if requested) when the login flow is complete. It must be within your application domain and is typically the root. It can contain a maximum of 512 characters.
+
+
+
+You must escape periods (**.**) with **\\**. For example, **https://example\\.com/**.
+
+### Web
+
+The OAuth credential for the Web platform has been deprecated in favor of the [Web App platform](#web-app). Furthermore, the new Web App platform credentials do not support the weaker OAuth implicit flow. Applications looking for a substitute for the OAuth implicit flow should use the more secure [Single Page App platform](#single-page-app).
+
+### iOS
+
+The OAuth credential for the iOS platform has been deprecated in favor of the [Native App platform](#native-app).
+### Android
+
+The OAuth credential for the Android platform has been deprecated in favor of the [Native App platform](#native-app).
+
+
+## API overview
+
+With the API configured, you are redirected to the API overview, providing links to documentation, the ability to download files in order to experiment with the API using Postman, and the *Credential details*, including the *Redirect URI* that you just provided.
+
+You can also elect to remove the API on this screen using the **Remove API** button in the top-right corner.
+
+
+
+
+## Credentials
+
+Now that you have added an API, you can return to the *Project overview* (or *Workspace overview* in a templated project) at any time to view the details for that API and any other project services you may have added.
+
+You can select the specific API from the left navigation to view its details or remove the API using the **Remove API** button in the top-right corner.
+
+You can also select the specific credential type from under *Credentials* in the left navigation to view the *Credential details* and perform other actions (view Client ID, retrieve client secret, etc.) as needed. For more information on accessing credentials, please read the [credentials overview](../credentials.md).
+
+
+
+You can also view the scopes available to your credential on the scopes tab.
+
+
+
+## Insights
+
+Adobe Developer Console automatically generates valuable insights related to API usage for each enterprise project (or individual workspace when working in a templated project), as well as for each personal project, including XD Plugins.
+
+To learn more about insights, begin by reading the [insights overview](../insights.md).
+
+## Next steps
+
+With an API successfully added, you can follow the same workflow steps to add additional APIs or return to the [services overview](../services/index.md) to select another type of service to add to your project.
+
+If you have completed development on your project and are ready to submit your application for approval, please read the [project approval guide](../projects/approval.md) to get started.
+
+
+
diff --git a/src/pages/guides/services/services-add-api-oauth.md b/src/pages/guides/services/services-add-api-oauth.md
index 9eceeb65..e80cf8a0 100644
--- a/src/pages/guides/services/services-add-api-oauth.md
+++ b/src/pages/guides/services/services-add-api-oauth.md
@@ -1,130 +1,5 @@
# Add API to project using OAuth
-Adding an API to an empty project is the same whether you are working in a personal or enterprise project. Adding an API to a templated project is similar, with one small variation: APIs are added to individual workspaces, not to the project as a whole.
-
-To begin adding an API from within a templated project, first, select the appropriate workspace to open the *Workspace overview*. Then, select **+ Add Service** in the left navigation and choose **API** from the dropdown.
-
-In an empty project, select **+Add to Project** in the left navigation of the *Project overview* and then choose **API**, or select **Add API** from the quick start buttons.
-
-
-
-## Add an API
-
-Using REST APIs allows your application to make calls to Adobe services and products. The *Add an API* dialog shows a list of available services with the default *View by* setting to show only those services available to you.
-
-
-
-Many services are only available through paid licenses or subscriptions. Licenses and subscriptions can refer to either your organization or your personal licenses if you are building a personal project. For this reason, if you select "All" from the *View by* dropdown, you may notice that several services appear greyed out in the list. If you believe that you should have access to one of these disabled services, please speak with your system administrator or Adobe sales representative.
-
-Once you have found and chosen an API that you would like to add, select **Next** to begin configuring the API.
-
-
-
-## Configure API
-
-User authentication using OAuth allows your end-users to sign in to your integration with an Adobe ID. With an OAuth token, your integration will be able to access Adobe services and content on behalf of the logged-in user. For more information, read the [OAuth Authentication and Authorization documentation](../authentication/OAuth/index.md).
-
-To configure an API using OAuth 2.0 authentication and authorization, you must first select the platforms where you want to use this integration: Web App, Single Page App, or Native App.
-
-
-
-Depending on the selected API, some of the platforms may not be available to be used with that API. Select the platform that best suits your application use case if more than one platform is available.
-
-
-
-Depending on the platform(s) you select, you may be required to provide additional configuration information:
-
-### Web App
-
-The Web App platform is best suited for applications that have a backend server. OAuth credentials for Web App require the application to securely store a client secret on the backend server. The application can then fetch tokens using the client secret on the backend server, and therefore, not risk exposing the client secret or the tokens through the frontend application.
-
-When setting up an OAuth credential for the Web App platform, you are required to provide:
-1. [A Default Redirect URI](#oauth-20-default-redirect-uri)
-2. [A Redirect URI pattern](#oauth-20-redirect-uri-pattern)
-
-
-
-In OAuth 2.0 standard terminology, an OAuth credential for the Web App platform is a *confidential* client with an HTTPS redirect.
-
-### Single Page App
-
-The Single Page App platform is best suited for JavaScript-based applications that run in the browser and either do not have a backend server or want to fetch tokens on the frontend. OAuth credentials for Single Page Apps do not require the application to store a client secret, and therefore, must utilize the [OAuth 2.0 PKCE flow](https://oauth.net/2/pkce/) to obtain tokens securely.
-
-
-When setting up an OAuth credential for the Single Page App platform, you are required to provide:
-1. [A Default Redirect URI](#oauth-20-default-redirect-uri)
-2. [A Redirect URI pattern](#oauth-20-redirect-uri-pattern)
-
-
-
-In OAuth 2.0 standard terminology, an OAuth credential for the Single Page App platform is a *public* client with an HTTPS redirect.
-
-
-### Native App
-
-The Native App platform is best suited for applications that run natively on a device (Android, iOS, Windows, Mac, and others) and either do not have a backend server or want to fetch tokens on the frontend. OAuth credentials for Native Apps do not require the application to store a client secret, and therefore, must utilize the [OAuth 2.0 PKCE flow](https://oauth.net/2/pkce/) to obtain tokens securely.
-
-In OAuth 2.0 standard terminology, an OAuth credential for the Native App platform is a *public* client with a non-HTTPS redirect.
-
-### OAuth 2.0 Default Redirect URI
-
-A *Default redirect URI* is the URL of the page or script (usually at the root of your web app) that Adobe will access during the authentication process. It can contain a maximum of 256 characters and cannot be a regular expression.
-
-
-
-The *Default redirect URI* MUST be hosted on a secure server (HTTPS), even if it is only a localhost instance. For example, **https://redirect.com/uri/etc**.
-
-### OAuth 2.0 Redirect URI pattern
-
-When creating a new authorize request, the OAuth 2.0 framework allows your application to request a different redirect URI than the default Redirect URI. However, any requested redirect URI must match against the *Redirect URI pattern* you supply. The authorize request can be successfully completed only if the requested Redirect URI passes regex matching,
-
-A *Redirect URI pattern* is a URI path (or comma-separated list of paths) to which Adobe can redirect (if requested) when the login flow is complete. It must be within your application domain and is typically the root. It can contain a maximum of 512 characters.
-
-
-
-You must escape periods (**.**) with **\\**. For example, **https://example\\.com/**.
-
-### Web
-
-The OAuth credential for the Web platform has been deprecated in favor of the [Web App platform](#web-app). Furthermore, the new Web App platform credentials do not support the weaker OAuth implicit flow. Applications looking for a substitute for the OAuth implicit flow should use the more secure [Single Page App platform](#single-page-app).
-
-### iOS
-
-The OAuth credential for the iOS platform has been deprecated in favor of the [Native App platform](#native-app).
-### Android
-
-The OAuth credential for the Android platform has been deprecated in favor of the [Native App platform](#native-app).
-
-
-## API overview
-
-With the API configured, you are redirected to the API overview, providing links to documentation, the ability to download files in order to experiment with the API using Postman, and the *Credential details*, including the *Redirect URI* that you just provided.
-
-You can also elect to remove the API on this screen using the **Remove API** button in the top-right corner.
-
-
-
-## Credentials
-
-Now that you have added an API, you can return to the *Project overview* (or *Workspace overview* in a templated project) at any time to view the details for that API and any other project services you may have added.
-
-You can select the specific API from the left navigation to view its details or remove the API using the **Remove API** button in the top-right corner.
-
-You can also select the specific credential type from under *Credentials* in the left navigation to view the *Credential details* and perform other actions (view Client ID, retrieve client secret, etc.) as needed. For more information on accessing credentials, please read the [credentials overview](../credentials.md).
-
-## Insights
-
-Adobe Developer Console automatically generates valuable insights related to API usage for each enterprise project (or individual workspace when working in a templated project), as well as for each personal project, including XD Plugins.
-
-To learn more about insights, begin by reading the [insights overview](../insights.md).
-
-## Next steps
-
-With an API successfully added, you can follow the same workflow steps to add additional APIs or return to the [services overview](../services/index.md) to select another type of service to add to your project.
-
-If you have completed development on your project and are ready to submit your application for approval, please read the [project approval guide](../projects/approval.md) to get started.
-
-
-
+The new version of this guide is now available here - [Add API to project using OAuth User Authentication credentials](../services/services-add-api-oauth-user-authentication.md).
\ No newline at end of file
diff --git a/src/pages/guides/services/services-add-event.md b/src/pages/guides/services/services-add-event.md
index 1db994b0..dbde8d6d 100644
--- a/src/pages/guides/services/services-add-event.md
+++ b/src/pages/guides/services/services-add-event.md
@@ -26,13 +26,13 @@ The first step in configuration is to choose your event subscriptions. This requ
## Credentials
-The next step in configuring your event registration is to configure the authentication credentials. This could be a service account (JWT) or OAuth, depending on the type of event being configured. The example in this document uses OAuth 2.0 authentication and authorization.
+The next step in configuring your event registration is to configure the authentication credentials. This could be a OAuth Server-to-Server credential or OAuth User authentication credential, depending on the type of event being configured. The example in this document uses OAuth 2.0 user authentication credential.
To learn more about authentication and available types, visit the [authentication documentation](../authentication/index.md).
-To configure an Event using OAuth 2.0 authentication and authorization, you must first select the platform where you want to use this integration: Web App, Single Page App, or Native App. Please note, depending on the selected event provider not all platform choices may be available.
+To configure an Event using OAuth 2.0 user authentication credential, you must first select the platform where you want to use this integration: Web App, Single Page App, or Native App. Please note, depending on the selected event provider not all platform choices may be available.
Once you have selected a platform, you will be required to provide a *Redirect URI*, which is a fallback URI to be used if the authorization request contains a redirect URI which doesn't match the Redirect URI list or doesn't contain a `redirect_uri` parameter.
@@ -66,7 +66,7 @@ You can also remove an event registration from the event overview by selecting *
## Credentials
-The *Credentials* tab shows details related to the event authentication method, allowing you to perform actions such as copying a Client ID, retrieving the client secret, generating a JWT token, etc depending on the type of authentication used.
+The *Credentials* tab shows details related to the event authentication method, allowing you to perform actions such as copying a Client ID, retrieving the client secret, generating an access token, etc depending on the type of authentication used.
diff --git a/src/pages/images/credentials-details.png b/src/pages/images/credentials-details.png
index 2ba536d5..38210184 100644
Binary files a/src/pages/images/credentials-details.png and b/src/pages/images/credentials-details.png differ
diff --git a/src/pages/images/credentials-project-overview.png b/src/pages/images/credentials-project-overview.png
index e6d46ff3..11681386 100644
Binary files a/src/pages/images/credentials-project-overview.png and b/src/pages/images/credentials-project-overview.png differ
diff --git a/src/pages/images/generate-certificate-key-pair.png b/src/pages/images/generate-certificate-key-pair.png
index 9be1158a..9eaa386d 100644
Binary files a/src/pages/images/generate-certificate-key-pair.png and b/src/pages/images/generate-certificate-key-pair.png differ
diff --git a/src/pages/images/quota-usage.png b/src/pages/images/quota-usage.png
index d9203207..489fcb45 100644
Binary files a/src/pages/images/quota-usage.png and b/src/pages/images/quota-usage.png differ
diff --git a/src/pages/images/services-add-api.png b/src/pages/images/services-add-api.png
index 53d9eee6..664dead1 100644
Binary files a/src/pages/images/services-add-api.png and b/src/pages/images/services-add-api.png differ
diff --git a/src/pages/images/services-add-to-project.png b/src/pages/images/services-add-to-project.png
index 877ce60e..5b17ba7f 100644
Binary files a/src/pages/images/services-add-to-project.png and b/src/pages/images/services-add-to-project.png differ
diff --git a/src/pages/images/services-api-jwt-added.png b/src/pages/images/services-api-jwt-added.png
deleted file mode 100644
index 71eebd4c..00000000
Binary files a/src/pages/images/services-api-jwt-added.png and /dev/null differ
diff --git a/src/pages/images/services-api-jwt-choose-profiles.png b/src/pages/images/services-api-jwt-choose-profiles.png
deleted file mode 100644
index fd053cdf..00000000
Binary files a/src/pages/images/services-api-jwt-choose-profiles.png and /dev/null differ
diff --git a/src/pages/images/services-api-jwt-create.png b/src/pages/images/services-api-jwt-create.png
deleted file mode 100644
index 8c535425..00000000
Binary files a/src/pages/images/services-api-jwt-create.png and /dev/null differ
diff --git a/src/pages/images/services-api-jwt-generate-token.png b/src/pages/images/services-api-jwt-generate-token.png
deleted file mode 100644
index 4c2a198e..00000000
Binary files a/src/pages/images/services-api-jwt-generate-token.png and /dev/null differ
diff --git a/src/pages/images/services-api-jwt-keypair.png b/src/pages/images/services-api-jwt-keypair.png
deleted file mode 100644
index 6297a69b..00000000
Binary files a/src/pages/images/services-api-jwt-keypair.png and /dev/null differ
diff --git a/src/pages/images/services-api-jwt-token.png b/src/pages/images/services-api-jwt-token.png
deleted file mode 100644
index c29e0b6f..00000000
Binary files a/src/pages/images/services-api-jwt-token.png and /dev/null differ
diff --git a/src/pages/images/services-api-oauth-added.png b/src/pages/images/services-api-oauth-added.png
deleted file mode 100644
index 12c067ed..00000000
Binary files a/src/pages/images/services-api-oauth-added.png and /dev/null differ
diff --git a/src/pages/images/services-api-oauth-s2s-added.png b/src/pages/images/services-api-oauth-s2s-added.png
new file mode 100644
index 00000000..c280dd9c
Binary files /dev/null and b/src/pages/images/services-api-oauth-s2s-added.png differ
diff --git a/src/pages/images/services-api-oauth-s2s-choose-profiles.png b/src/pages/images/services-api-oauth-s2s-choose-profiles.png
new file mode 100644
index 00000000..e5c8a27a
Binary files /dev/null and b/src/pages/images/services-api-oauth-s2s-choose-profiles.png differ
diff --git a/src/pages/images/services-api-oauth-s2s-create.png b/src/pages/images/services-api-oauth-s2s-create.png
new file mode 100644
index 00000000..1c4a07a2
Binary files /dev/null and b/src/pages/images/services-api-oauth-s2s-create.png differ
diff --git a/src/pages/images/services-api-oauth-s2s-generate-token-2.png b/src/pages/images/services-api-oauth-s2s-generate-token-2.png
new file mode 100644
index 00000000..d8f6f4e3
Binary files /dev/null and b/src/pages/images/services-api-oauth-s2s-generate-token-2.png differ
diff --git a/src/pages/images/services-api-oauth-s2s-generate-token.png b/src/pages/images/services-api-oauth-s2s-generate-token.png
new file mode 100644
index 00000000..38210184
Binary files /dev/null and b/src/pages/images/services-api-oauth-s2s-generate-token.png differ
diff --git a/src/pages/images/services-api-oauth-s2s-view-curl-command.png b/src/pages/images/services-api-oauth-s2s-view-curl-command.png
new file mode 100644
index 00000000..fe31dc54
Binary files /dev/null and b/src/pages/images/services-api-oauth-s2s-view-curl-command.png differ
diff --git a/src/pages/images/services-api-oauth-s2s-view-scopes.png b/src/pages/images/services-api-oauth-s2s-view-scopes.png
new file mode 100644
index 00000000..7f8fe465
Binary files /dev/null and b/src/pages/images/services-api-oauth-s2s-view-scopes.png differ
diff --git a/src/pages/images/services-api-oauth-user-auth-added.png b/src/pages/images/services-api-oauth-user-auth-added.png
new file mode 100644
index 00000000..d73b9be7
Binary files /dev/null and b/src/pages/images/services-api-oauth-user-auth-added.png differ
diff --git a/src/pages/images/services-api-oauth-user-auth-credential-overview.png b/src/pages/images/services-api-oauth-user-auth-credential-overview.png
new file mode 100644
index 00000000..cdb84123
Binary files /dev/null and b/src/pages/images/services-api-oauth-user-auth-credential-overview.png differ
diff --git a/src/pages/images/services-api-oauth-user-auth-credential-scopes.png b/src/pages/images/services-api-oauth-user-auth-credential-scopes.png
new file mode 100644
index 00000000..502bff2c
Binary files /dev/null and b/src/pages/images/services-api-oauth-user-auth-credential-scopes.png differ
diff --git a/src/pages/images/services-select-api-jwt.png b/src/pages/images/services-select-api-jwt.png
deleted file mode 100644
index f473bc67..00000000
Binary files a/src/pages/images/services-select-api-jwt.png and /dev/null differ
diff --git a/src/pages/images/services-select-api-oauth-s2s.png b/src/pages/images/services-select-api-oauth-s2s.png
new file mode 100644
index 00000000..3ec9cc97
Binary files /dev/null and b/src/pages/images/services-select-api-oauth-s2s.png differ